P
Prisma2mo ago
charley

Is it bad practice to depend on the unique constraint while creating a new object?

In my example: I have a User model with unique email. Should I be checking beforehand if the email already exists or does it not really matter because it will throw an error?
7 Replies
K1|ller
K1|ller2mo ago
Ii'll reply again i didn't like my previous answer. If you set the email field to unique you'll get an error if you try to use the same email to create another account. You just manage the error properly. You should have a banner in your website that display the errors that come from the backend a reusable banner let's say
JeanPSF
JeanPSF2mo ago
If it is a unique key on your database, it will throw an error.
charley
charley2mo ago
Well you don't want to display every error its bad practice Its revealing more to the user than they need to But atm for every error (because this really should be my only prisma error) I have a message: "An error occured while creating your account. You may already have an existing account with this email address."
K1|ller
K1|ller2mo ago
nope, just translate it into something different
charley
charley2mo ago
ig but generic errors is what ur supposed to do
JeanPSF
JeanPSF2mo ago
This is worst than the prisma error itself. It reveals a user with this specific email already exist, which can be used to list random user's to plan an attack, prisma error do tell the user a little bit about your database architecture, but rarely it will reveal too much. But shortening the conversation, you should change your error message to a more generic one
charley
charley2mo ago
Most apps will say that Even google says that if your signing up A random error is worse because that doesn't tell the user to switch their email and they will be unable to signup I am discussing the signup process btw obv for the signin any error will just be shown as invalid credentials